irotsoma

I do this as much as possible, though I have a self hosted VaultWarden instance. I really wish more stuff supported TOTP or Yubikey. There’s still a ton that only support text or email which just puts a big old hole in the security, IMHO.

I mean LLC is just a nice option if you want it to be easy to transfer it to someone else next time so they don’t have to go through any hassle. Adding someone to an LLC to have control over the assets is just easier than if an individual owns those assets.

But this all comes down to ownership. Someone owns the rights to the domain. Sonatype obeys that ownership. So it really comes down to how the owner wants to handle it. And in the US anyway, lawyers aren’t really required for an LLC, depending on the state you live in. Many it’s just a couple of simple documents and a small fee. That’s why LLCs are used by rich people to hide their money, it’s cheap and easy. I’ve done it many times in multiple states for various projects and never had any legal background. The nonprofit part is a little more work, but as long as you aren’t bringing in any money, its not necessary. Still easy in practice, but more research to figure out. Also, it comes with a lot of benefits like free access to a lot of stuff, including some from Sonatype. But again, not required, just thinking ahead and how I would do it.

First step would be just to contact the domain owner. If they are no longer interested in owning that asset, then they may just give it to you. If they are unresponsive and the domain is not in use for anything else, you could also contact the registrar and report it and if they can’t contact the domain owner there’s a possibility that they may allow you to purchase it depending on their policies.

Again, don’t get discouraged, and I’m totally willing to give pointers if you decide to go the nonprofit LLC route, but first, just contact the owner and maybe they’ll just give you the login for the domain registrar or if they don’t want to give up the ownership of the domain, maybe just authorize you with Sonatype to publish the artifacts. Essentially, because it’s an ownership issue, the owner needs to be involved.

Only the owner of a domain can publish a package attributed to that domain. Otherwise you’d have random hackers publishing malware as an Apache project or something. All you can do is try to contact the owner of the domain and see if they are willing to transfer ownership to you, or better yet, set up a nonprofit LLC, or whatever it’s called in your country, to have it transfered to.

I get the idea of wanting that lifeline in case of an emergency, but I agree, constant tracking is toxic. I’d never give a corporation my kids’ information just for some small convenience like that. Basically selling their future for almost nothing. By the time they grow up, potential employers and governments will know every place they ever visited as a kid, even places that might have been technically trespassing or politically divisive in the future. Kids need to learn and explore and be guided on what’s right and wrong, not be punished for minor stuff they did as children their entire lives.

Rust crates manifest file requires a license be set to be hosted on crates.io and the example manifest file uses:

[package] 
license = "MIT OR Apache-2.0"

Something like the Java’s jar manifest doesn’t have a predefined license property for interpreters to parse. Maven has a property, but it’s not required.

Yes, but punish the government and those who support those governments. The majority of people who live in a fascist country do not agree with the government otherwise fascism wouldn’t be necessary.

I live in the US and I don’t agree with nor apologize for the anti-trans, anti-women, anti-immigrant, and racist policies the federal government has recently implemented. In fact many policies directly affect me and my wellbeing.

I voted against them, but unfortunately we weren’t given an option to vote for something better because of the way things work here. And many of these countries don’t even have that. Nor do I think anyone else who lives in or visits the US should be punished for the actions of its government. Same goes for any other country.

And in this case it looks like it may just be someone visited one of those countries sometime in the past, though details are scarce. I get then need to sanction people involved with the bad stuff, but people who just visit or live there with no other connection to the bad stuff is a little extreme. Especially since contributing to this project, for free, is not producing profit for or supporting any government.

I think its just that the language having built in licensing is a newer concept as opposed to just having a companion document. And MIT and Apache are the licenses the pieces of the language is licensed under, so they made those default. That way it’s a conscious decision to make it more restrictive.

I think it’s unlikely to be enforced for normal use. If you use them for spam or to store a ton of data or some other abusive usage, they might shit down your accounts, but it would be pretty customer-unfriendly to do that for someone with just two accounts and not abusing it. Most privacy respecting services are too young to have gotten to the screw customers, only short-term profit phase of capitalism.

I don’t think it’s Rust exactly. I think Rust is just newer and this attracts developers with less experience with licensing. It’s not really something developers want to think about very much so they often just use the default. Heck, most code on github, etc., didn’t have any licenses at all for a really long time until businesses realized they couldn’t use the code without them due to copyright laws being applied by default but patents not being default in many countries, etc.

There are consequences to using copyleft as opposed to more permissive libre licenses, and vice versa, that may not be well understood by a lot of developers in general until they get into a situation where it matters. Either their code can’t be used by people they wanted to sue it, or companies are abusing the code without proper attribution, etc.

Censorship isn’t bad in itself. It’s a necessary evil just like imprisoning someone who imprisons others. Both are removing freedom, but one was for the benefit of an individual and the other is for the benefit of everyone else in the society. Regulation of freedoms is always necessary.

Problem is these days the far-right tries to say all regulation is too costly. But if one innocent person loses their rights compared to millions of innocent people losing their lives, its a big difference. Similarly, someone abusing their right to speak losing their right is not the same as someone using their right to speak responsibly, losing it.

Last time I checked, it depended on where you live and if the laws in that area require them to allow you to delete certain information. It’s on the a cache thing, it’s in your account. You can set up a new account, but if you use other Meta applications like Facebook, WhatsApp, Threads, etc, you may have to abandon those as well.

Might be possible to use a VPN or something to pretend to be in a country that they allow to have more detailed deletion of data, but I’m not totally sure if it’s just your current location or if the account has to have been created in that location or of you can change your account-level location, etc.

Generally the key fobs have a circuit and antenna inside and the circuit has a code that it broadcasts when it is near the transceiver. Some systems are more complex, but at the lowest level the system disrupts a magnetic field around the transceiver in a certain way to generate the code or is powered up by the transceiver and transmits the code using that power. That way no battery is required and it can fit inside a thin card or fob. Some older ones have a very small battery to increase range or create a more complex or modifiable code or for proximity use rather than touch.

That code is then authorized or not to open the door in the security system. And yes every time the fob is used, it is logged. And depending on if the fob has a battery, it is possible it tracks leaving. If they don’t have to touch the fob to a panel and just need to have it on them, then it logs any time they approach the door regardless of entering or leaving. If it requires touching or bringing it close to a panel and they don’t have to do that when leaving then it probably doesn’t log them by proximity.

Whether or not the log has the person’s name or just the code or ID of the fob depends on how old or cheap the system is. But there’s definitely some document somewhere that lists the peoples’ names and which fob they were assigned if it’s not in the system. So it’s easy enough to find out.

Any system that has the same code in every fob would be either super old or super cheap and unlikely to be used on secure doors. Having unique codes means that if a fob is lost or stolen it can be deactivated among other things. Which is a no-brainer for security if there is no real significant cost. The only reason older systems didn’t is because the tech couldn’t create long enough codes on the circuits that existed. And super cheap systems don’t want to create too many different codes since it’s cheaper to mass produce the same one over and over. Basically why car fobs can often open other people’s cars. Either they’re old or the car company’s too cheap and it’s not their security at risk, so they don’t care.

Usually it uses your IP address first, bit it’s not the only information in cases where the IP address is a known VPN or similar. Are you saying you were tunneling over TOR the first time?

When you switched to VPN you didn’t mention what browser. If it’s one that supports advertising IDs, that could be used, for example.

And when you connected to copilot did you get a captcha popup? If so, did you have to actually solve a captcha or click a button? If not, then it likely is getting information from somewhere that you are trustworthy.

Clear all browser data, make sure enhanced tracking protection is not disabled for the site. Go to a site that tells your IP address and verify it’s the Tor endpoint to verify the setup there is correct. Then try again.

Also, assuming you’re not clicking through any popups to allow tracking info or logging in to any accounts on this browser beforehand. If you log into a Microsoft account or any other account for a site that Microsoft gets info from first, it can use those logins to track you. You can disable this in the browser, but so many sites will break without it.

But it’s “just business”. You can’t blame them. That’s the get out of jail free card, often literally.

/s

Yep

If the Apple security decision in the UK is anything to go by as well as the Trump administration in the US pushing hard for government backdoors in cloud storage and messaging apps, which has been asked for for a long time but didn’t have much chance of getting past court oversight in the US until the Supreme Court was so corrupted, then likely this is going to be a way that governments can enforce the idea of having encrypted data transmissions to keep data out of the hands of foreign hackers, but still have corporate backdoors that allow governments to access the unencrypted data. That’s exactly what the UK said the Apple thing was supposed to help with. Of course data is only as secure as the weakest link and corporations are often much easier targets than individual users anyway. So it has the same result, but it appeases the majority who don’t get it.

This is what I use.

And this is the latest sync server that doesn’t rely on discontinued versions of Python: https://github.com/mozilla-services/syncstorage-rs/. It’s not a full, plug and play solution, and it doesn’t support PostgreSql so I haven’t set it up in my self hosted environment yet, but plan to eventually.

Yes IronFox is a fork of Mull, and though it does have a couple of differences in opinion on the balance of privacy and usability, it’s very similar. I’ve been using it since shortly after we lost Mull.

I mean 1 mile is still a 20 min walk or so. A bus can cover it in a couple of minutes and you won’t be exhausted, especially if carrying a heavy bag of books, it’s uphill, it’s raining, it’s snowing, it’s exceptionally hot, there are no sidewalks, you have to detour significantly to cross a body of water, highway, or other hazard, you have a mobility impairment, or you just don’t want to waste 40 minutes of your day walking when you could jump on a bus and spend that time doing other things. Now if it’s a choice of waiting for a bus that only comes every 20-30 min and walking, sure.